SOC Lead - L3 Subject Matter Expert

Cybersecurity SOC Lead

SIEM - RSA Administration hands-on (L3/ SME)

Act as an escalation for L2 (IT & OT) and take forward cases escalated by them.

Ensure SLA's and consistent delivery of managed services

Conduct advanced analysis on the case including network/host-based analysis and threat hunting to uncover hidden threats

Oversee the efficiency of the MSS by define develop and maintain metrics KPIs, reports and operational dashboards.

Collaborate with stakeholders to ensure effective monitoring.

Participate regularly and drills specific to IT and OT environment to test the effectiveness of incidents and disaster recovery plans

Act as the focal point for management for the CSOC day to day operations and crisis handling.

Invoke and approve major changes needed to support incident response activities.

Identify areas for improvement periodically within SOC processes and implement changes to increase efficiency and effectiveness.

Act as a focal point in participating and responding to security audits (external and internal and comply with NIST maturity level four, MIL4 ), providing necessary documentation and evidence of compliance along with the team.